Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134382e302f32332d3234203d3e203631333137.roa
File: 3138352e3234312e3134382e302f32332d3234203d3e203631333137.roa (raw, json)
Hash identifier: Bd9d+gey9RSINFYmDx+KKGyvG78XsMu3zqcSr9eI+S0=
Subject key identifier: 0E:2A:D4:AA:CE:66:91:D8:67:37:D8:CF:C9:91:26:31:94:0F:23:7A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 33B5283CE061393155173338EFD47861F118DE10
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134382e302f32332d3234203d3e203631333137.roa
Signing time: Fri 20 Sep 2024 14:04:49 +0000
ROA not before: Fri 20 Sep 2024 13:59:49 +0000
ROA not after: Fri 19 Sep 2025 14:04:49 +0000
asID: 61317
IP address blocks: 185.241.148.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 13:54:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:b5:28:3c:e0:61:39:31:55:17:33:38:ef:d4:78:61:f1:18:de:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 20 13:59:49 2024 GMT
Not After : Sep 19 14:04:49 2025 GMT
Subject: CN=0E2AD4AACE6691D86737D8CFC9912631940F237A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:82:f4:33:35:0c:73:0f:fa:4e:2a:ed:cf:76:
0f:4d:8b:ab:79:5b:ad:25:6b:2b:f1:a0:e1:d6:78:
88:c6:40:02:50:9f:ee:f2:b6:52:d2:71:9a:9d:9c:
61:04:1d:0d:35:88:09:f9:36:d9:1b:bd:50:de:3b:
66:5e:32:a4:9c:53:6f:ce:96:54:49:c3:69:f9:23:
84:fc:1b:43:fd:fd:72:33:73:4f:29:5d:7a:b4:6c:
70:96:15:6b:dd:04:55:c7:60:7d:b4:17:f8:24:b4:
4f:2f:f4:c4:10:3b:b2:ad:70:c2:7d:ca:e8:87:f2:
2f:ee:3e:0f:e8:f9:09:fc:7b:8b:28:28:f8:c9:ea:
c0:6e:25:00:e8:4c:9f:4b:16:23:8f:e4:3c:97:86:
c5:2c:f7:f0:8f:a8:ed:50:8b:6a:77:7e:80:06:e6:
43:ef:2e:b3:54:9b:36:4a:a4:74:e2:fe:ce:86:b4:
c0:61:38:dc:ce:15:09:81:67:bd:6a:49:56:61:11:
e8:41:7b:6c:fd:9f:4b:b7:e1:34:54:ee:eb:df:ab:
58:d7:5e:1d:1a:61:62:3c:7b:e0:2e:2d:f9:04:19:
cd:b4:a5:15:3f:91:bc:f6:a9:a4:90:0d:37:56:b4:
52:62:27:69:b5:e0:e9:e6:b4:de:63:93:18:70:3b:
36:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:2A:D4:AA:CE:66:91:D8:67:37:D8:CF:C9:91:26:31:94:0F:23:7A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134382e302f32332d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.148.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:03:f7:46:69:77:b3:07:81:29:8b:b3:d6:5d:eb:e9:b0:b7:
36:7a:13:33:cd:88:ed:e5:49:56:4e:34:f0:78:f9:cd:45:4b:
83:61:45:7d:55:06:da:7e:ec:4e:9d:e8:fc:0e:d6:bc:1b:a5:
f2:38:b1:ca:72:7c:41:32:df:6a:ec:b7:6d:d4:3e:7a:61:7b:
c0:9c:a0:75:13:d4:c9:79:ff:be:d3:53:61:20:6e:97:a5:ee:
b5:43:52:77:da:5e:f9:26:76:c7:65:93:6e:d6:51:1e:6c:31:
07:1b:28:9d:7b:3b:da:83:f8:86:03:f9:01:1d:8d:19:bf:6d:
35:3e:b5:28:b3:d1:69:2e:a1:37:15:d2:7c:4f:7d:62:84:1a:
90:4d:ae:27:c1:2c:5c:04:4c:41:76:62:fe:b2:8c:28:f4:d3:
6f:f3:72:03:a9:1e:bb:a4:45:65:8e:a7:5a:2d:46:04:a3:87:
61:57:3a:46:cf:de:5a:69:35:11:52:50:2b:77:79:35:c4:41:
90:16:49:ab:7a:6b:ac:fd:63:99:49:72:05:8e:61:d5:50:a6:
2b:50:54:8e:46:76:e0:e3:d3:af:ba:06:0d:54:75:e9:9e:df:
35:77:4f:b6:26:05:f2:1c:dc:aa:2d:28:10:4f:b4:4e:c0:9d:
e1:18:22:71
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUM7UoPOBhOTFVFzM479R4YfEY3hAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA5MjAxMzU5NDlaFw0yNTA5MTkxNDA0NDlaMDMxMTAvBgNV
BAMTKDBFMkFENEFBQ0U2NjkxRDg2NzM3RDhDRkM5OTEyNjMxOTQwRjIzN0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvgvQzNQxzD/pOKu3Pdg9Ni6t5
W60layvxoOHWeIjGQAJQn+7ytlLScZqdnGEEHQ01iAn5NtkbvVDeO2ZeMqScU2/O
llRJw2n5I4T8G0P9/XIzc08pXXq0bHCWFWvdBFXHYH20F/gktE8v9MQQO7KtcMJ9
yuiH8i/uPg/o+Qn8e4soKPjJ6sBuJQDoTJ9LFiOP5DyXhsUs9/CPqO1Qi2p3foAG
5kPvLrNUmzZKpHTi/s6GtMBhONzOFQmBZ71qSVZhEehBe2z9n0u34TRU7uvfq1jX
Xh0aYWI8e+AuLfkEGc20pRU/kbz2qaSQDTdWtFJiJ2m14OnmtN5jkxhwOzatAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUDirUqs5mkdhnN9jPyZEmMZQPI3owHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjM0MzEyZTMx
MzQzODJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG58ZQwDQYJKoZIhvcNAQELBQADggEBAH8D90Zpd7MHgSmLs9Zd6+mwtzZ6EzPN
iO3lSVZONPB4+c1FS4NhRX1VBtp+7E6d6PwO1rwbpfI4scpyfEEy32rst23UPnph
e8CcoHUT1Ml5/77TU2Egbpel7rVDUnfaXvkmdsdlk27WUR5sMQcbKJ17O9qD+IYD
+QEdjRm/bTU+tSiz0WkuoTcV0nxPfWKEGpBNrifBLFwETEF2Yv6yjCj002/zcgOp
HrukRWWOp1otRgSjh2FXOkbP3lppNRFSUCt3eTXEQZAWSat6a6z9Y5lJcgWOYdVQ
pitQVI5GduDj06+6Bg1Udeme3zV3T7YmBfIc3KotKBBPtE7AneEYInE=
-----END CERTIFICATE-----
Generated at Fri Mar 14 05:35:22 2025 by rpki-client